CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Jingle Thief Targets Cloud Environments for Gift Card Fraud

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Jingle Thief, a cybercriminal group, exploits cloud environments in the retail and consumer services sectors to steal and issue unauthorized gift cards. The group uses phishing and smishing to steal credentials and maintain access for extended periods, often over a year. They target gift card issuance applications to issue high-value cards, leveraging cloud infrastructure to impersonate legitimate users and evade detection. The group is believed to be active since late 2021 and has been linked to criminal groups Atlas Lion and Storm-0539. Their activities coincide with festive seasons and holiday periods, making gift card fraud a lucrative choice due to its ease of redemption and difficulty in tracing. In April and May 2025, Jingle Thief launched a wave of coordinated attacks targeting global enterprises, maintaining access for about 10 months and compromising 60 user accounts within a single organization.

Timeline

  1. 23.10.2025 10:52 1 articles · 8h ago

    Jingle Thief Launches Coordinated Attacks on Global Enterprises

    In April and May 2025, Jingle Thief launched a wave of coordinated attacks targeting global enterprises. The group used phishing attacks to obtain credentials necessary to breach victims' cloud infrastructure. In one campaign, the attackers maintained access for about 10 months and compromised 60 user accounts within a single organization. The attacks involved accessing gift card issuance applications to issue high-value cards while minimizing logs and forensic trails.

    Show sources
    Open in new tab

Information Snippets